An unsub withdrew more than 2,000,000 RUB from the Quickex.io exchanger
In the period from March 8 to May 2, unknown attackers made about 148 attempts in total to carry out Ripple (XRP) withdrawal transactions by exploiting the partial payment vulnerability. In some cases, this led to significant losses at exchanges. Following the BitoPro exchange, which recently lost $2,170,000, the well-known exchanger Quickex has also fallen victim to scammers.
On May 4, at about 8 p.m. (Moscow time zone), an unsub falsified deposits in the Ripple cryptocurrency and withdrew XRP tokens amounting to $32,000 from the Quickex exchanger.
The scammer claimed several transactions for a total of 100,000 XRP, but in fact sent only 0.0003232 XRP, adding the partial payment flag “tfPartialPayment”. The Bitrue exchange described this fraudulent scheme in detail on Twitter: https://twitter.com/hallwaymonitor2/status/1123869407837589506.
This information, now published online, could probably lead to new attacks on exchangers that use XRP.
Many exchanges that recently added support for the Ripple token overlooked the loophole that the partial payment function offers unscrupulous users, since this feature is not explicitly described in the Ripple documentation. As a result, they used the wrong parameter to record the payment. As representatives of the Bitrue exchange reported, for XRP the “DeliveredAmount” parameter should be used instead of the “Amount” parameter.
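The deposit check Bitrue describes, as an added example (not Quickex's or Bitrue's code): it credits only what the ledger metadata reports as delivered and shows the flawed “Amount” reading beside it. It assumes a transaction dict shaped like a rippled `tx` response, where the API exposes the delivered value as `meta.delivered_amount` (metadata field `DeliveredAmount`); the address and amounts are constructed.

```python
from decimal import Decimal

TF_PARTIAL_PAYMENT = 0x00020000      # tfPartialPayment bit in a Payment's Flags
DROPS_PER_XRP = Decimal(1_000_000)   # XRP amounts are strings of integer drops

def naive_xrp(tx: dict) -> Decimal:
    """Flawed crediting described above: trusts Amount (XRP payments only)."""
    return Decimal(tx["Amount"]) / DROPS_PER_XRP

def is_partial_payment(tx: dict) -> bool:
    """True when the sender set tfPartialPayment; useful for alerting."""
    return bool(tx.get("Flags", 0) & TF_PARTIAL_PAYMENT)

def credited_xrp(tx: dict, our_address: str) -> Decimal:
    """XRP to credit for this transaction, or 0 if it must not be credited."""
    meta = tx.get("meta") or {}
    if tx.get("TransactionType") != "Payment" or tx.get("Destination") != our_address:
        return Decimal(0)
    # Only validated, successful transactions count as deposits.
    if tx.get("validated") is not True or meta.get("TransactionResult") != "tesSUCCESS":
        return Decimal(0)
    # With tfPartialPayment, Amount is only an upper bound; never read it here.
    delivered = meta.get("delivered_amount", meta.get("DeliveredAmount"))
    # XRP arrives as a string of drops. Issued-currency objects, a missing
    # field or the literal "unavailable" are not credited as XRP.
    if not (isinstance(delivered, str) and delivered.isascii() and delivered.isdigit()):
        return Decimal(0)
    return Decimal(delivered) / DROPS_PER_XRP

# Constructed sample (placeholder address, invented amounts).
HOT_WALLET = "rEXAMPLE_DEPOSIT_ADDRESS"
SAMPLE_TX = {
    "TransactionType": "Payment",
    "Destination": HOT_WALLET,
    "Amount": "25000000000",                    # 25,000 XRP claimed
    "Flags": 0x80000000 | TF_PARTIAL_PAYMENT,
    "validated": True,
    "meta": {"TransactionResult": "tesSUCCESS", "delivered_amount": "323"},
}

if __name__ == "__main__":
    print("partial payment flag set:", is_partial_payment(SAMPLE_TX))
    print("credited from Amount:    ", naive_xrp(SAMPLE_TX), "XRP")
    print("credited from delivered: ", credited_xrp(SAMPLE_TX, HOT_WALLET), "XRP")
```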
The Quickex developers have now adjusted how the exchanger works with Ripple, and the exchanger is operating as usual. Unfortunately, this will not return the stolen funds, but it will protect the exchanger from potential threats in the future.